[dns-operations] my answer to "i heard dnssec was a ddos threat, should i avoid it?" on serverfault today

Paul Vixie paul at redbarn.org
Wed Jan 6 22:36:29 UTC 2016


On Wednesday, January 06, 2016 01:31:14 PM David Conrad wrote:
> Paul,
> 
> On Jan 6, 2016, at 12:50 PM, Paul Vixie <paul at redbarn.org> wrote:
> > http://serverfault.com/a/747213/330420 <http://serverfault.com/a/747213/330420>
> "DNSSEC is not required to use EDNS0"

the words, the words-- they burn!

[because DNSSEC always uses EDNS0, but EDNS0 can be used without DNSSEC]

-- 
P Vixie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160106/f10a9f46/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160106/f10a9f46/attachment.sig>


More information about the dns-operations mailing list